Handover 

BACKGROUND OF THE INVENTION 

[0001] The invention relates to handover and particularly to hand- 
over and tunnel updating between access devices. 
5 [0002] Data services developed for public mobile networks with ex- 

tensive coverage areas and supporting the mobility of the user have evolved 
significantly in recent years. The packet switched General Packet Radio Ser- 
vice (GPRS) provides the GSM networks with efficient data transmission, 
where radio capacity is allocated only during packet transmission. The Univer- 

10 sal Mobile Telecommunications System (UMTS) standardised by the Third 
Generation Partnership Project (3GPP) will offer an even broader data trans- 
mission capacity than the GSM/GPRS networks. 

[0003] In addition to the data services offered by the PLMN net- 
works, various wireless local networks have been developed that offer a 

15 broadband wireless data transmission service for a limited coverage area. The 
IEEE 802.1 1-based WLAN networks represent examples of such techniques. 
Such local networks can be used to offer in different hot spots, such as offices 
or airports, extremely fast data transmission and access to the Internet. Wire- 
less local area networks and PLMN networks have also been converged. For 

20 example, base stations based on the GSM technology can be used in a data 
system of an office for providing a wireless connection to a local area network 
of the office. Then again, network elements have also been designed for wire- 
less local area networks that allow the local network to utilize the PLMN net- 
work. For instance, network elements have been created for the WLAN net- 

25 works according to the IEEE 802.11 standard and GSM networks that allow 
access to the authentication and billing services offered by the GSM network 
through the WLAN network. The co-operation between PLMN networks and 
wireless local area networks has been planned further so that the services of- 
fered by the PLMN network could also be used through a radio interface of- 

30 fered by the wireless local area networks. In the UMTS system, also referred to 
as the 3GPP system, the wireless local area network might operate as an ac- 
cess sub-system. 

[0004] Referring to Figure 1, data transmission can be arranged 
from a local area network to a terminal TE over an IP network to a correspond- 

35 ing host CH using tunnelling. Thus, a tunnel is formed between an access de- 



vice AD of a local network, such as an access point or a gateway device, and a 
corresponding host CH of an IP network, such as an edge router of a com- 
pany's intranet network. The tunnel is an end-to-end path, where the data units 
to be transmitted are transparently transferred between the end points AD, CH 
5 of the tunnel by encapsulating the data units within new frames in the starting 
point of the tunnel and decapsulating the tunnelled frames in the end points of 
the tunnel. Various tunnelling techniques can be used in the IP networks, one 
example thereof being a Layer 2 Tunnelling Protocol (L2TP) that allows form- 
ing Virtual Private Networks (VPN). Another example of tunnelling techniques 

10 is the Generic Routing Encapsulation (GRE) that is commonly used in tunnels 
between IP routers. 

[0005] However, the use of tunnels impedes the mobility of the ter- 
minals. When a terminal moves from the coverage area of a first access point 
to the coverage area of a second access point, the path arranged thereto 

15 through the first access point should be changed to the second access point, 
in other words handover must be carried out to the second access point. If the 
first access point functions as the end point of the tunnel, then the end point of 
the tunnel also has to be changed from the first access point to the second 
access point. This would require updating the corresponding host of the tunnel, 

20 meaning that the second access point is changed therein to the end point of 
the tunnel. Known tunnelling solutions do not, however, support the change of 
the end point of the tunnel. A solution to solve the problem has been to provide 
negotiation mechanisms of a higher level. For example, signalling mechanisms 
have been determined for a mobile IP protocol, according to which the location 

25 of the terminal can be updated for the home network. Publication WO 0 235 
738 shows a handover method in a system utilizing the mobile IP protocol. In 
this method, a tunnel is provided between a foreign agent serving the terminal 
and a router. When handover is carried out for a terminal to the area of a sec- 
ond foreign agent, the second foreign agent is able to register to a home 

30 agent, from where an updating request concerning binding is sent to the router. 
The router may update the second foreign agent as the end point of the tunnel. 
However, the solution disclosed in publication WO 0 235 738 includes draw- 
backs. It is only suitable for a system that employs a mobile IP protocol. 
Changing the end point requires support from the router for the signalling 

35 mechanism needed for this purpose that is not often found in older routers. 
Changing the end point in the corresponding host of the tunnel generally 
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causes additional signalling to the system and inconvenient delay to the delay 
critical applications in data transmission. 

BRIEF DESCRIPTION OF THE INVENTION 

[0006] It is an object of the invention to provide a method and an 
5 apparatus implementing the method so as to avoid the problems associated 
with changing the tunnel in a corresponding host. The object of the invention is 
achieved with a method, a system and an access device, characterized in what 
is disclosed in the independent claims. The preferred embodiments of the in- 
vention are disclosed in the dependent claims. 

10 [0007] The invention is based on an idea that completely differs 

from previous solutions that an address allocated particularly for a terminal is 
used as a tunnelling IP address, which address is maintained when handover 
is carried out from a first access device to a second access device. In a first 
access device, the tunnelling IP address is allocated for data transmission of 

15 the terminal for a tunnel to be formed in a corresponding host, to which tunnel- 
ling IP address the tunnel is bound. At least the allocated tunnelling IP address 
is moved from the first access device to a second access device in response to 
detecting a need to change a wireless connection of the terminal to be ar- 
ranged by the second access device. What is determined in the second access 

20 device, is binding between the tunnelling IP address and the network interface 
of the second access device, i.e. the tunnel is thus bound to the second ac- 
cess device. Information concerning the new binding between the network in- 
terface of the second access device and the allocated tunnelling IP address is 
sent to at least one network node in the system. 

25 [0008] Handover should be widely interpreted to indicate any 

mechanism that allows changing the logical connection or context enabling 
data transmission to be handled by the second access device. Thus, changing 
the packet switched data transmission context to be handled by the second 
access device means carrying out handover, even though user data is not 

30 transferred at that particular moment (in circuit-switched networks handover 
typically only refers to transferring an active call). What the network interface of 
the second access point generally refers to is any interface, to which the tunnel 
can be bound from the second access point to the corresponding host. The 
network interface may for instance be an Ethernet interface. 
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[0009] The solution of the invention provides such an advantage 
that the corresponding host need not be updated owing to the change of the 
other end point in the tunnel. An active connection can then be changed from 
an access device, for instance from the access point of a wireless local area 
5 network to another, also when tunnelled connections are being used. Higher 
layer signalling solutions are not required to support mobility, and the problems 
associated with updating the corresponding host can be completely avoided. 
No changes are required to be made in the tunnelling protocols, the implemen- 
tation of the corresponding hosts in the tunnels, the terminals or the standards 

10 between the terminal and the access devices. Since the end point of the tunnel 
can be locally changed, the delay caused by the signalling messages to be 
sent to the corresponding host or received therefrom can be avoided, which 
may be of significance to the delay critical applications. 

[0010] In accordance with a preferred embodiment of the invention, 

15 said binding refers to binding between a MAC address in the network interface 
and the tunnelling IP address. Consequently, information concerning the new 
binding can, if required, be updated within a sub-network to other network 
nodes in the sub-network, and thereafter the packets are transferred in the 
sub-network to the second access device using the mechanisms in the data 

20 link layer. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0011] In the following the invention will be described in greater de- 
tail by means of the preferred embodiments with reference to the accompany- 
ing drawings, in which: 
25 Figure 1 illustrates tunnelling; 

Figure 2 illustrates a local network, in which a tunnel can be ar- 
ranged from an access point to various corresponding hosts; 

Figure 3 shows a method according to a preferred embodiment of 
the invention; 

30 Figure 4 shows a method according to a preferred embodiment of 

the invention; and 

Figure 5 is a signalling diagram showing handover in accordance 
with a preferred embodiment of the invention. 



DETAILED DESCRIPTION OF THE INVENTION 

[0012] Figure 2 illustrates a local network BAN, where a tunnel can 
be arranged from an access point AP to various corresponding hosts CH. The 
local network BAN is in accordance with a preferred embodiment a wireless 
5 local area network employing user authentication and network access control 
according to an IEEE 802. 1x standard, such as a wireless local area network 
according to the IEEE 802.1 1 i standard. However, the invention can also be 
applied in other IEEE 802-based wireless local area networks or in other types 
of local network BANs, typically in networks operating at un-licensed frequency 

10 bands, such as a network according to the BRAN (Broadband Radio Access 
Networks) standard, a Home RF network or a Bluetooth network. The BRAN 
standards comprise High Performance Radio Local Area Network HIPERLAN 
standards of types 1 and 2, HIPERACCESS and HIPERLINK standards. 

[0013] The access point AP controls the radio interface in accor- 

15 dance with the radio technology used, according to an embodiment in accor- 
dance with the IEEE 802.11 standard. The IEEE 802.11 specifications deter- 
mine the protocols of both a physical layer and a MAC layer for data transmis- 
sion over the radio interface. Infrared or two spread spectrum techniques (Di- 
rect Sequence Spread Spectrum DSSS, Frequency Hopped Spread Spectrum 

20 FHSS) can also be employed in data transmission. A 2.4 gigahertz band is 
used in both spread spectrum techniques. The MAC layer employs what is 
known as a CSMA/CA technique (Carrier Sense Multiple Access with Collision 
Avoidance). The access point AP also bridges radio interface data flows or 
routes said data flows to other network nodes, such as other access points or 

25 routers R, and from other network nodes. Typically, the local network BAN 
comprises one or more sub-networks, and the access points included therein 
are connected to one another and transfer information to other IP-based net- 
works IPNW through the router R of the sub-network. The terminal TE may for 
instance be an integrated communication device, a laptop computer, combined 

30 with an apparatus offering radio access (such as a WLAN card), or a combina- 
tion of a PDA device and a mobile phone. 

[0014] The access point AP may form a tunnel with the correspond- 
ing host CH of the IP network, typically through the router R. As Figure 2 illus- 
trates, different networks may comprise different types of corresponding hosts 

35 CH, with which the access point AP may have to form a tunnel in order to 
transfer the data of a terminal TE. 
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[0015] The corresponding host CH may for example be an SGSN 
CH (SGSN) (Serving GPRS Support Node) of the public land mobile network 
PLMN or a GGSN CH (GGSN) (Gateway GPRS Support Node), whereby the 
services of the PLMN networks can be utilized through a local network. The 
5 PLMN may be a second generation network, such as the GSM/GPRS network, 
or a third generation network, such as the Universal Mobile Telecommunica- 
tions System UMTS network defined by the 3 rd Generation Partnership Project 
organization, also referred to as the 3GPP system network. 

[0016] The SGSN may serve the mobile stations connected to the 

10 PLMN network and offer the terminal TE access to the services of the PLMN 
network, for example, through the local network BAN. Thus, forming a tunnel to 
the SGSN CH (SGSN) functioning as the corresponding host, the services of- 
fered by the serving node SGSN can be utilized from the local network. For 
example, charging data of the terminal can be transferred to the operating 

15 node SGSN. The tunnel formed to the operating node SGSN could also be 
used when the terminal moves from the base station area within the SGSN to 
the access point AP area to offer a data transmission connection further 
through the PLMN network and the SGSN. Consequently, the service offered 
to the terminal TE is not to be altered owing to the transfer, and the data 

20 transmission may still proceed through the same GGSN. Such a situation may 
arise when the operations are transferred from a GPRS network area to a 
company's internal network. 

[0017] The gateway support node GGSN offers gateway operation 
to networks outside the PLMN network, such as the Internet or a company's 

25 intranet network. The user of the terminal TE, which may be a dual-mode or 
multi-mode mobile station, may have an agreement with the operator of a 
home PLMN network and the user may wish to use the gateway node GGSN 
of the home network to arrange data transmission to other networks also when 
using the services of the local network BAN. Thus, a tunnel is provided from 

30 the access point AP to the corresponding host CH (GGSN) arranging access 
to other networks. In such a case, the GGSN may also offer charging services. 
The tunnel may be in accordance with the GPRS Tunnelling Protocol (GTP) 
used between the operating node SGSN and the gateway node GGSN. One of 
the possible applications of the invention is to hand over the GTP tunnel. Even 

35 though the GTP protocol provides measures for updating the altered SGSN to 
the gateway node GGSN, such updating typically rarely occurs, much less fre- 



quentiy than the transfers between the access points AP in wireless local net- 
works BAN. If tunnelling is desired from the wireless local network to the 
GGSN, it is preferable that each local network BAN has the appearance of one 
logical SGSN, whereby the internal mobility of each local network BAN is not 
5 shown for the GGSN. This becomes possible when a transfer from one access 
point AP to another is made using a local tunnel transfer according to a pre- 
ferred embodiment. GTP signalling has to be used only when transfers are 
made between local network BANs, in order to update the end point. 

[0018] In accordance with a preferred embodiment the PLMN net- 

10 work comprises in addition to known network elements a Broadband Service 
Node BSN supporting an lu interface for one or more local network BANs. In 
this embodiment, the user and signalling data of the PLMN network is trans- 
parently transferred over the wireless access point AP and the IP network. Af- 
ter a successful authentication (carried out by a BSN or a separate authentica- 

15 tion server AS), the mobile station MS may also use the services of the visited 
PLMN network through the local network BAN and the service node BSN. The 
operation of the service node BSN corresponds to a great extent with the op- 
eration of a radio network controller RNC. The services of the service node 
BSN may include: 

20 - Performing RRC (Radio Resource Control) signalling protocols de- 

termined for a radio access network of the PLMN network, such as the UTRAN 
network, possibly in accordance with the BAN specified restrictions 

- Multiplexing a higher layer PLMN network, for instance UMTS data 
flows such as logical channels or conveying channels to IP-based transfer 

25 paths in the local network BAN, and demultiplexing from the local network BAN 

- Radio connection management 

- Arranging the encryption of the PLMN network 

- Compressing the IP header fields of the PLMN network 

- Re-sending the RLC (Radio Link Control) layer of the PLMN net- 

30 work 

[0019] The operations of the service node BSN may possibly also 
comprise monitoring the use of the resources of the local network BAN in order 
to check the billing of the BAN operator. Several PLMN networks may utilize 
the local network BAN. The local network BAN may be connected to several 
35 service nodes BSN and the BSN may be connected to one or more local net- 
work BANs. The BSN can be divided into separate server operations of the 



gateway and control plane of a user plane. The BSN may be connected to a 
serving node SGSN, to a Mobile Switching Centre MSC and possibly to other 
elements in the PLMN core network through the interfaces of the standards. 
The BSN may also be connected to other BSN nodes or to the radio sub- 
5 network in the PLMN network, such as the RNC elements in the UTRAN net- 
work through lur signalling interfaces for supporting handover within the UT- 
RAN network or between the UTRAN networks. In this embodiment, the MS 
includes means for implementing the lower layers (L1, L2) of the local network 
BAN and means for carrying out data transmission with the PLMN network 

10 through the local network BAN. In accordance with a preferred embodiment, 
the MS is a dual-mode terminal, which is capable of communicating in addition 
to the local network BAN with the PLMN network, such as the UMTS network, 
through the base stations (Node B) of the UTRAN. In order for the MS to be 
able to establish a connection to the PLMN network through the local network 

15 BAN, the MS must also include the following operations: 

- Implementing the PLMN network, for instance the signalling proto- 
cols of higher layers determined by the 3GPP specifications. Such protocols 
include RRC (Radio Resource Control), session management and mobility 
management. 

20 - Performing the limited functionality of the user plane protocols in 

the PLMN network and communicating the user plane data with the node BSN 
taking the possible restrictions caused by the local network BAN into account. 
Such protocols include RLC (Radio Link Control) and PDCP (Packet Data 
Control Protocol). 

25 - Multiplexing the data flows of the higher protocol layers in the 

PLMN network with the UDP/IP-based data transmission of the lower layers 
and in reverse demultiplexing the received data as the data flows of the PLMN 
network. 

[0020] In this embodiment, a tunnel can be provided between the 
30 access point AP and the service node BSN (i.e. CH(BSN) as regards the tun- 
nelling), by means of which the signalling and user data of the higher layers in 
the PLMN network can be transferred between the access point AP of the local 
network BAN and the service node BSN. 

[0021] In accordance with an embodiment, a proxy server CH 
35 (Proxy) functions as a corresponding host of the tunnel that typically functions 
as an intermediate device for transmitting data to the Internet, for instance. 
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[0022] In accordance with an embodiment, a router CH(R/FW) func- 
tions as the corresponding host of the tunnel on the border of the IP network 
IPNW and another network, for instance an IP-based intranet. The CH(R/FW) 
may also comprise a firewall FW functionality. This is a typical tunnelling sce- 
5 nario, whereby a tunnel is created over the Internet in a company's internal 
network, for instance. Thus, a VPN connection can be established for a termi- 
nal visiting the local network BAN; the VPN functionality is generally installed in 
the firewall server. The data to be transferred is typically encrypted during 
transmission. 

10 [0023] Any tunnelling protocols may be used in the previous exam- 

ples. In accordance with an embodiment, an L2TP Network Server (LNS) ac- 
cording to the L2TP protocol functions as the corresponding host of the tunnel, 
and an L2TP Access Concentrator (LAC) according to the L2TP protocol is 
implemented at the end point of the tunnel in the local network BAN. In accor- 

15 dance with another embodiment, a GRE protocol is used as the tunnelling pro- 
tocol, whereby a router functions as the corresponding host that supports the 
tunnelling protocol concerned. 

[0024] It should be noted that the tunnel from the local network BAN 
may be formed from an access controller AC of the local network BAN instead 

20 of the access point AP, said access controller might also be referred to as 
PAC. Such an access controller AC may control several access points, func- 
tion as a gateway and the functionality thereof may be located in a router de- 
vice R, for example. 

[0025] Figure 3 illustrates a method according to a preferred em- 

25 bodiment of the invention. Tunnelling attributes are determined in step 301 be- 
tween a first access device, such as the AP or R, and the corresponding host 
CH. Required tunnelling attributes, at least the IP address of the corresponding 
host CH, are transferred 302 to the first access device. 

[0026] The tunnelling attributes can be determined 301 and trans- 

30 ferred 302 for instance during the signalling between the first access device 
and the corresponding host CH on the basis of a service request from the ter- 
minal TE or the corresponding host CH (or through the CH). In accordance 
with an embodiment, the tunnelling attributes are determined 301 as a part of 
the authentication of the terminal TE before arranging the tunnel to the corre- 

35 sponding host CH. An authentication server AS can be used, a RADIUS server 
according to an embodiment, which transfers the tunnelling attributes to the 



first access device of the local network, if the authentication has been success- 
ful. An example of authentication, where the tunnelling attributes can be de- 
termined and transferred to an access device of a wireless local network, is to 
apply the IEEE802.1x authentication mechanism to the RADIUS server. Then, 
5 the access point functioning as the IEEE802.1x authenticator requests the 
RADIUS server to authenticate the terminal TE. The RADIUS server also de- 
termines the tunnelling attributes and sends them to the access point AP, if the 
authentication has been successful. The Internet draft "IEEE 802. 1x RADIUS 
Usage Guidelines" Congdon et al., 17 June 2002, 29 pages, shows such an 

10 authentication process. 

[0027] In accordance with a preferred embodiment, in response to 
the successful authentication and the received tunnelling attributes, an IP ad- 
dress is allocated 303 in the first access device for the terminal TE for data 
transmission thereof and a tunnelling IP address for the tunnel to be formed for 

15 the data transmission of the terminal, said tunnelling IP address being used as 
the end point of the tunnel transferring data of the terminal. The IP address to 
be used for data transmission can also be allocated in a separate Dynamic 
Host Configuration Protocol DHCP server. Fixed IP addresses are alternatively 
used, in which case said IP address is not allocated. 

20 [0028] In the first access device, the tunnel determined by the tun- 

nelling attributes is bound 304 to the tunnelling IP address. Thus, a tunnel is 
determined in the first access device, the end points thereof being the tunnel- 
ling IP address and the IP address of the corresponding host. After this, data 
transmission through the tunnel can be initiated 305, whereby the access de- 

25 vice encapsulates the packets arriving from the terminal to the corresponding 
host CH and correspondingly decapsulates the packets sent from the corre- 
sponding host and destined for the terminal and forwards the data to the termi- 
nal TE using a wireless link. The packets destined to the tunnelling IP address 
functioning as the other end point of the tunnel are thus forwarded to the net- 

30 work interface of the first access point, preferably to a MAC address of the 
network interface. Using the tunnel-specific tunnelling IP addresses in the ac- 
cess device differs substantially from the conventional tunnelling solutions, in 
which the end points of the tunnel employ the specific IP addresses thereof as 
identifiers of the end point of the tunnel. 

35 [0029] Referring to Figure 4, the following steps are described in a 

method according to a preferred embodiment. When a need 401 is detected to 
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change the wireless connection of the terminal to be implemented by a second 
access device, tunnelling attributes are transferred 402 from the first access 
device, especially the IP address of the corresponding host and the tunnelling 
IP address allocated to the terminal in the first access device, and other state 
5 information possibly relating to the terminal, to the second access device. 

[0030] The need for handover 401 typically arises when the terminal 
moves to the coverage area of the second access device, whereby the termi- 
nal TE can be provided with a radio link of superior quality through the second 
access device. In accordance with an embodiment, when the need to change 

10 to the second access device is denoted in the terminal TE, the terminal sends 
a service request to the second access device. After this the terminal TE is 
provided with a data transmission connection to the second access device. 
The second access device observes that the terminal TE already communi- 
cates with the first access device. Then, for example, authentication does not 

15 necessarily have to be carried out again, instead the second access device 
may request for information associated with the connection from the first ac- 
cess device using an IAPP protocol (Inter Access Point Protocol), for instance. 
In response to the request, the first access device observes the need for 
handover and carries out step 402, and after this the original binding between 

20 the tunnelling IP address and the network interface can be removed. The IAPP 
protocol is manufacturer-specific, wherefore handover from one access device 
to another can be implemented in various ways. What is essential is that all 
state information associated with the terminal is transferred from the original 
access device to another access device. For example in the IEEE 802.11 pro- 

25 tocol, during handover, the terminal informs the second access device about 
the MAC address of the first access device. Thus the second access device 
sends a message to the first access device. In response to said message, the 
first access device sends the context associated with the terminal to the sec- 
ond access device. 

30 [0031] The tunnelling attributes to be transferred 402 to the second 

access device comprise at least some of the following: a tunnelling IP address 
allocated locally to the tunnel of the terminal, an IP address of the correspond- 
ing host, attributes and state information associated with the tunnelling protocol 
in use, such as state information concerning an L2TP connection, different at- 

35 tributes associated with encryption and general safety, such as attributes of the 
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IPsec context. In accordance with a preferred embodiment, the IAPP protocol 
is used for transferring said information to the second access device. 

[0032] In the second access device, binding is determined 403 be- 
tween the tunnel determined by the tunnelling attributes and the second ac- 
5 cess device, especially between the tunnelling IP address and the network in- 
terface of the second access device, advantageously the MAC address of the 
network interface. Thus, the second access device configures the starting point 
of the tunnel to one of the interfaces in the wired network included therein. In- 
formation about the new binding between the MAC address of the second ac- 

10 cess device and said tunnelling IP address is sent 404 to at least one network 
node. Such information is preferably sent to at least one router R in the local 
network BAN. Typically the access devices belong to the same sub-network, 
whereby it suffices that (regarding an external IP network IPNW) a new entry is 
updated in a binding table of the router located on the border of the sub- 

15 network concerning the binding between the tunnelling IP address and the 
MAC address of the second access device that replaces the binding of the 
tunnelling IP address of the first access device and the MAC address of the 
first access device. This can be implemented using conventional mechanisms 
of the data link layer, and the operation thereof does not require any new 

20 properties of the router. Naturally the new binding between the tunnelling IP 
address and the MAC address of the second access device can be conveyed 
to any one of the nodes in the same sub-network. After updating, information 
to or from the terminal to or from the corresponding host is transferred 405 to 
and from the second access device using the arranged binding. The invention 

25 does not either require any changes to the terminal TE; the wireless link can 
be changed from the first access device to the second access device utilizing 
already known mechanisms. 

[0033] It should be noted that the configuration of the local network 
BAN may be such that the second access device does not have to send infor- 

30 mation about the binding to any other network node, but it suffices that the 
binding is updated (404) to the memory thereof. Here, the network node refers 
to the second access device. 

[0034] Different tunnelling scenarios are illustrated above. The in- 
vention can be applied to any system applying any tunnelling protocol. Some 

35 of the tunnelling protocols that can be used have already been mentioned: 
L2TP, GRE, IP-in-IP Tunneling, Point-to-Point Tunneling Protocol (PPTP), IP 



Encapsulating Security Payload in the Tunnel-mode (ESP), IP Authentication 
Header in the Tunnel-mode (AH), Ascend Tunnel Management Protocol 
(ATMP), Layer Two Forwarding (L2F), Bay Dial Virtual Services (DVS), and 
Virtual Tunneling Protocol (VTP). As mentioned above, the GTP tunnel can 
5 also be changed locally in accordance with a preferred embodiment, whereby 
the information associated with the GTP tunnel is transferred from the first ac- 
cess device to the second access device, which starts using them. 

[0035] Figure 5 is a signaling diagram that further illustrates mes- 
sages associated with handover in accordance with a preferred embodiment of 

10 the invention, in which the IAPP protocol and a) an IPv4 protocol or b) an IPv6 
protocol are used. When a need arises to carry out handover for the terminal 
TE from a first access point AP1 to a second access point AP2, the AP1 sends 
the tunneling attributes as well as the tunneling IP address to the second ac- 
cess point AP2 using an appropriate IAPP message 501. The AP2 forms a 

15 binding 502 as illustrated above between the tunneling IP address and the 
MAC address. The AP2 sends 503 to the router R in the system using a) the 
IPv4 protocol by an ARP table updating message [Gratuitous ARP], on the ba- 
sis of which the R updates the ARP table thereof. If the system uses the IPv6 
protocol, the AP2 sends 503 an Unsolicited Neighbour Advertisement mes- 

20 sage sent without a request according to b) the IPv6 protocol, on the basis of 
which the R updates the neighbour table thereof. After the message 503, the 
packets received by the router, in which the tunneling IP address is the target 
address, are automatically transferred to the second access point AP2. Situa- 
tions may also arise, where the network node inquires about a receiver (the 

25 MAC address) for the received packet, in which the tunneling IP address is the 
target address. Then, the AP2 responds using the MAC address thereof after 
handover. Deviating from the above, it is also possible that the first access 
point AP1 updates (503 or 504) the binding information of at least one network 
node instead of the second access point AP2. 

30 [0036] In accordance with an embodiment, the first access point 

(AP1) may forward the packets arriving thereto to the second access point 
(AP2). Thus, a temporary route to the second access point is added to the 
routing table of the first access point, i.e. the original binding is changed in the 
first access point to indicate the MAC address of the second access point. The 

35 added binding can be removed for instance after a predetermined threshold 



14 

time. This embodiment allows to avoid or at least to reduce the losses of pack- 
ets sent during the change. 

[0037] In accordance with a preferred embodiment, updating the lo- 
cal tunnel allows avoiding the delay caused by signaling resulting from the 
5 change of the end point to the corresponding host that the following example 
illustrates. Let us presume that the corresponding host of the tunnel sends a 
packet to the terminal TE. As the packet is still on its way, the access point is 
changed to the terminal TE. The new access point is locally updated (in Figure 
5, messages 503, 504) to the nodes of the local network BAN on the data link 

10 layer, for example using the ARP protocol. Thereafter the tunneled packet ar- 
rives at the link layer of the node in the local network BAN. The packet is cor- 
rectly routed to the new end point (AP2), even though it was sent before hand- 
over (prior to step 501). 

[0038] In accordance with an alternative embodiment, the same ad- 

15 dress as the terminal TE uses is employed as the tunneling IP address, i.e. the 
address that is typically allocated in the local network BAN, when the terminal 
has been authenticated, and is then sent to the terminal. The access device 
(the first or the second) then uses the tunneling IP address as the termination 
address of the tunnel that happens to be also the identifier of the terminal TE. 

20 Consequently the packets destined to the IP address concerned are trans- 
ferred to the MAC address of the access device, the packets being received in 
the local network BAN. The same IP address is used at two levels, in other 
words as the source/target address of the encapsulated packet and as the 
source/target address of the IP packet including in the encapsulated packet. 

25 The access device is arranged to transfer the packets received from the tunnel 
to the terminal TE and to send the packets received from the terminal TE to the 
tunnel using said IP address. Handover from the first access device to the 
second access device can be carried out as illustrated above in Figures 4 and 
5, whereby the MAC address of the second access device is bound to the tun- 

30 neling IP address. If packets destined to the terminal TE are sent in the local 
network, for instance, from another access point (i.e. without a tunnel), the 
packets are transferred on the basis of the valid binding to the access point 
serving the terminal that changes the MAC address of the terminal TE to the 
MAC address of the packets and forwards them to the terminal TE. Corre- 

35 spondingly, when the serving access device receives a packet from the termi- 
nal, which is not intended to be conveyed by the tunnel, the access device 



15 

merely forwards the packet in accordance with the target address. Alternatively 
the tunneling IP address is bound to the MAC address of the terminal TE, 
whereby the bridging protocols of the access points allow the correct access 
point to be able to transfer the packets of the terminal to the air interface. Then 
5 the access point tunnels and removes the tunnel as a part of the bridge. 

[0039] Still in accordance with a preferred embodiment, the access 
point AP (or access controller AC) in the local network BAN operates as a mo- 
bile node (MN) in accordance with the IP mobility protocol. Thus the access 
point can basically be moved into any network, also between sub-networks, 

10 and the IP mobility protocol makes sure that the packets of the corresponding 
host always find the destination thereof. The change of tunnel illustrated above 
can also be utilized in this embodiment. Thus, when changing the tunnel to a 
new access point AP (or access controller AC) the state of the IP mobility cus- 
tomer device is also moved, i.e. the possible authentication keys, the address 

15 of the home agent, and the state information concerning the mobility bindings. 
In such a case, the IP address of the access point would function as a care of 
address in the IP mobility protocol, the tunneling IP address (which is not 
changed when changing access points) would function as a home address 
according to the IP mobility protocol, and the network node, for which the in- 

20 formation about the new binding is updated, is a home agent (which is typically 
located outside the local network BAN). In other words, when the tunnel is 
changed to another access point, the information concerning the binding is 
updated between the tunneling IP address and the IP address of the network 
interface of the second access point to the home agent. 

25 [0040] The access points AP comprise one or more processors and 

a memory, by means of which the inventive means, the embodiments of which 
are illustrated in Figures 2 to 5, can be implemented. Consequently the inven- 
tive means can be implemented in the processing unit employing a computer 
program code. It is also possible to use hardware solutions or a combination of 

30 hardware and software solutions to implement the inventive means. 

[0041] It is obvious for those skilled in the art that as technology 
progresses the basic idea of the invention can be implemented in various 
ways. The invention can also be applied in telecommunication systems other 
than those comprising a local network, such as the systems comprising for in- 

35 stance the PLMN network, in which tunneling is used. The invention and the 



16 

embodiments thereof are therefore not restricted to the above examples but 
may deviate within the scope of the claims. 



